Three top officials in Finland’s Security Police (SUPO) and the former head of the security unit of the telecommunications service provider Sonera are to be charged in a case involving suspected illegal telecommunications surveillance, according to the Finnish journal Helsingin Sanomat. The case dates back to November 2000, when Juha E. Miettinen, the head of Sonera's security unit, handed over the traffic data records of 5 mobile phone customers to the SUPO without just cause. The illegal hand-over was brought to light in yet another painful incident compromising the privacy of Sonera staff and customers. Miettinen had personally led an operation to collect telephone records of Sonera employees and outsiders in 2000 and 2001, to investigate which employee had possibly leaked information about internal company affairs to the press.

During the Big Brother Awards ceremony in Budapest, Hungary on 25 November 2004, the People's Award was presented to the Data Protection Commissioner, Attila Péterfalvi. He was chosen with a large majority of 917 votes (39,8%) from 2.342 valid votes. He was given the negative price for making official statements that could erode the Hungarian privacy culture, including a statement that it was right from a legal point of view to install CCTVs in fitting rooms. Acting like a good sport, Péterfalvi joined the ceremony and received the award. But earlier, he had sent an official letter from the Hungarian Data Protection Agency warning the Hungarian organisers that he would ask Privacy International to erase them from the list of official Big Brother Award organisers.

The Ministry of Employment and Labour won a Big Brother Award for its project EMMA (Egységes Munkaügyi Nyilvántartás). It is a centralised database containing personal information about every Hungarian employee, without any purpose that would make it justifiable under constitutional privacy protection.

The European Commission is preparing a Framework Decision on 'Access to information by law enforcement agencies'. Commission services have authored a Communication on enhancing such access, which was sent to the Council and the European Parliament in June 2004.

The issue is closely linked to discussions currently under way on the introduction of data protection rules for issues that are dealt with under the Third Pillar of EU Legislation, which is mainly about police and judicial co-operation. At present, this whole topical area is exempt from EU Data Protection legislation, including the EU Data Protection Directive 95/46.

In the classic view on data protection, access to information is seen as a complementary condition for the protection of data. This was reflected at an expert's meeting in Brussels on 23 November 2004, where Gus Hosein of Privacy International and Andreas Dietl of EDRI were invited, along with a small number of speakers from other civil rights organisations.

The European Council of ministers of Justice and Home Affairs will meet on 2 and 3 December 2004. Telecommunication data retention is an important item on the agenda. The Dutch EU Presidency tried to force the Council to reach a quick unanimous decision on the proposed framework decision, but has now changed course. According to an explanation given by minister Donner of Justice on 1 December 2004 to the judicial committee of the Dutch Lower House, a large majority of EU Member States is now in favour of an extended obligation. Supposedly lead by France, most countries now insist on a large set of data that should be collected and stored by telecom and internet providers, in stead of limiting the retention to data that are already collected for business purposes.

Not a single example of these extra data was given, but providers should be prevented from 'obscuring personal data' and 'there must be certainty about the set of available data across Europe', said minister Donner. The JHA Council will now proceed to discuss the extent of the extended obligation, in stead of focussing on the need and necessity of storing intimate data about all citizens as opposed to preserving data of individual suspects.

It is likely that the Council of European Justice and Home Affairs ministers will adopt a regulation tomorrow, on 3 December 2004, to fingerprint all EU citizens and residents, to take digital photographs of their faces and to store these data in a gigantic database of 450 million EU citizens. This will be the last step of a procedure that has exploited the democratic deficit of the European Union to an unheard extreme.

Today the European Parliament adopted the proposal but introduced a large number of limitations. MEPs voted to clearly limit the kinds of information to be stored on the passports, they voted against the storage of the data in a central database and in favour of giving Data Protection Authorities oversight over the whole process. But it is unlikely that the Council will take any of these amendments into consideration. Under the European Union's consultation procedure the Council can globally reject all of the Parliament's amendments. Though it is mandatory to at least look at the parliamentary suggestions, it will be almost impossible to do so in this case, since the Council plans to adopt its own plan tomorrow.

Privacy International is calling on all manufacturers of phone camera's to equip the devices with a default flash, to alert people that their picture is taken. PI believes this measure is necessary to avoid endemic privacy abuse. Camera phones are increasingly used to take intimate and private images without consent, often resulting in embarrassment and harm to relationships. Such images can also be used as material for blackmail, revenge and harassment.

Numerous countries have pursued restrictive measures. Only Saudi Arabia created a complete ban on the devices, other countries such as Australia, Taiwan, the United States, the UK and Canada have adopted specific rules to prevent the use in specific places such as changing rooms, swimming pools and schools. The Ministry of Information and Communication of Korea

The Dutch presidency of the EU has launched a new 5 year programme for Justice and Home Affairs. The previous five year plan, the Tampere Programme, was launched under the Finnish presidency of the EU. The new 'Hague Programme' was discussed at the Brussels European Council on 4 and 5 November and will be presented by Dutch prime minister Jan-Peter Balkenende to the European Parliament tomorrow, 18 November 2004.

The programme focuses on the current tendency of considering illegal migration a 'cross-border problem', along with terrorism and organised crime. Making reference to the attacks on 11 September 2001 in the U.S., and on 11 March 2004 in Madrid, it states 'a new urgency' for the security of the EU and its member states.

The means by which the EU Council hopes to achieve this security have

The European Working Party of data protection authorities has finally released an opinion on the proposed retention of communication traffic data. The Working Party concludes the proposal is not acceptable within the legal framework set by Article 8 of the European Convention on Human Rights. According to the Working Party data retention deserves the same level of protection as interception. They cite jurisprudence from the European Court of Human Rights that decrees that all interception of telecommunications data must fulfil three fundamental criteria; a legal basis, the need for the measure in a democratic society and conformity with a legitimate and listed aim. The proposal sent to the European Council on 28 April 2004 by France, Sweden, Ireland and the UK does not meet any of these criteria, according to the data protection